One Identity Safeguard for Privileged Passwords 2.9 - Administration Guide


Syslog

Safeguard for Privileged Passwords allows you to define one or more syslog servers to be used for logging Safeguard for Privileged Passwords event messages. Using this feature, Appliance Administrators can specify to send different types of messages to different syslog servers.

Navigate to Administrative Tools | Settings | External Integration | Syslog. The Syslog pane displays the following about each syslog server defined.

Table 165: Syslog server: Properties
Property: Description
  • Network Address: The IP address or FQDN of the syslog server.
  • Port: The UDP port number for the syslog server.
  • Facility: The type of program being used to create syslog messages.
  • Description: The description of the syslog server configuration.
  • # of Events: The number of events selected to be logged to the syslog server.

Use these toolbar buttons to manage the syslog server configurations.

Table 166: Syslog server: Toolbar
Option: Description
  • New: Add a new syslog server configuration. For more information, see Configuring a syslog server.
  • Delete Selected: Remove the selected syslog server configuration from Safeguard for Privileged Passwords.
  • Refresh: Update the list of syslog server configurations.
  • Edit: Modify the selected syslog server configuration.
  • Copy: Clone the selected syslog server configuration.

Configuring a syslog server

It is the responsibility of the Appliance Administrator to configure Safeguard for Privileged Passwords to log event messages to a syslog server.

To configure a syslog server

  1. Navigate to Administrative Tools | Settings | External Integration | Syslog.
  2. Click New to display the Syslog dialog.
  3. In the Syslog dialog, enter the following:

    1. Network Address: Enter the IP address or FQDN of the syslog server.

      Limit: 255 characters

      Required

    2. UDP Port: Enter the UDP port number for the syslog server.

      Default: 514

      Range: between 1 and 32767

      Required

    3. Description: Enter a description for the syslog server configuration.

      Limit: 255 characters

    4. Events: Click Browse to select the events to be included in the syslog.

      On the Event selection dialog, select the events to be included, then click OK.

    5. Facility: Choose the type of program to be used to log syslog messages.

      Default: User-level messages

  4. Click OK to save your selection and add the syslog server configuration.
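
A check for the receiving side, added here as an example and not taken from the product: it validates an entry against the limits listed in the procedure and decodes the <PRI> header of a received datagram to confirm the facility. It assumes the appliance sends a standard <PRI> prefix; the function names, host names and sample message are constructed.

```python
import re
import socket

# Facility codes from RFC 5424 section 6.2.1 (the appliance's menu labels may differ).
FACILITIES = {"kernel": 0, "user": 1, "mail": 2, "daemon": 3, "auth": 4,
              "syslog": 5, "lpr": 6, "news": 7, "uucp": 8, "cron": 9,
              "authpriv": 10, "ftp": 11,
              **{f"local{i}": 16 + i for i in range(8)}}
PRI_RE = re.compile(rb"^<(\d{1,3})>")

# Constructed sample datagram: PRI 14 = facility 1 (user-level) * 8 + severity 6.
SAMPLE = b"<14>Aug  1 12:00:00 appliance.example constructed test event"


def check_entry(address, port, description=""):
    """Return the problems with a syslog entry, using the limits from the dialog."""
    problems = []
    if not address or len(address) > 255:
        problems.append("Network Address: required, at most 255 characters")
    if not isinstance(port, int) or not 1 <= port <= 32767:
        problems.append("UDP Port: required, between 1 and 32767")
    if len(description) > 255:
        problems.append("Description: at most 255 characters")
    return problems


def decode_pri(datagram):
    """Split the leading <PRI> value into (facility, severity)."""
    match = PRI_RE.match(datagram)
    if match is None or int(match.group(1)) > 191:
        raise ValueError("datagram has no valid <PRI> header")
    return divmod(int(match.group(1)), 8)


def facility_matches(datagram, configured):
    """True when the datagram carries the facility chosen in the Syslog dialog."""
    return decode_pri(datagram)[0] == FACILITIES[configured]


def receive_one(port=514, timeout=30.0):
    """Run on the syslog server: wait for one datagram on the configured UDP port."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.bind(("0.0.0.0", port))  # ports below 1024 usually need elevated rights
        data, (sender, _) = sock.recvfrom(65535)
        return sender, data


if __name__ == "__main__":
    print(check_entry("syslog.example.com", 514), decode_pri(SAMPLE))
```

Pass the bytes returned by receive_one to facility_matches after triggering one of the selected events to confirm that the entry and the receiver agree.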

Ticketing

Safeguard for Privileged Passwords allows you to integrate with your company's external ticket system such as ServiceNow or Remedy. Workflow examples follow.

IMPORTANT: The data items specific to ServiceNow and Remedy (for example, Client ID, Client Secret, and Authentication String) may be optional based on your configuration.

ServiceNow integration workflow example

ServiceNow is a cloud-based issue tracking system. Safeguard for Privileged Passwords can exchange the following ticket types with ServiceNow:

  • INC (incident) tickets
  • CHG (change) tickets
  • RITM (request) tickets
  • PRB (problem) tickets

To use ServiceNow, the root CA Certificate required for ServiceNow must be installed in Safeguard for Privileged Passwords. For more information, see Trusted Certificates. To add a trusted certificate, see Adding a trusted certificate.

The incident ticket workflow follows.

  1. The Policy Administrator creates an access request policy that requires the requester to provide a ticket number when creating an access request. For more information, see Creating an access request policy.
  2. When the requester makes a request, they must enter the existing ServiceNow ticket number on the New Access Request dialog, Request Details tab, Ticket Number field. For more information, see Requesting a password release and Requesting session access.
  3. Safeguard for Privileged Passwords queries all configured ticket systems to see if that ticket number represents a ticket that exists and is in an open state. For ServiceNow, Safeguard checks the "Active" property of the identified ticket returned from the ServiceNow API and considers the ticket number valid if the "Active" property is not "false" for that incident.
    1. If the ticket is not active, the request is denied.
    2. If the ticket is active, the access workflow continues.

You can use the Activity Center to search by ticket number and view the associated requests. For more information, see Applying search criteria.

Remedy integration workflow

The details in the ServiceNow integration workflow example apply to Remedy ticket systems except Remedy will have a different certificate and ticket types. Safeguard checks the "Status" property of the incident returned from the Remedy API. The ticket is considered valid if "Status" is not "Closed" or "Cancelled".
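
The two validity rules above, written out as an added example (not Safeguard's code). The record shapes, ticket numbers, case-insensitive comparison and the choice that one open ticket in any configured system is enough are assumptions.

```python
# Constructed ticket records standing in for what each ticket system's API returns.
SERVICENOW_TICKETS = {
    "INC0010001": {"Active": "true"},
    "INC0010002": {"Active": "false"},
}
REMEDY_TICKETS = {
    "INC000000000101": {"Status": "Resolved"},
    "INC000000000102": {"Status": "Closed"},
}
REMEDY_REJECTED = {"Closed", "Cancelled"}


def servicenow_valid(record):
    # Page rule: valid unless "Active" is "false". Only that one value is
    # rejected, so any other value passes (comparison case is an assumption).
    return str(record.get("Active")).lower() != "false"


def remedy_valid(record):
    # Page rule: valid unless "Status" is "Closed" or "Cancelled".
    return record.get("Status") not in REMEDY_REJECTED


RULES = {"ServiceNow": servicenow_valid, "Remedy": remedy_valid}


def ticket_allows_request(ticket_number, systems):
    """systems is a list of (type, lookup); lookup returns a record or None."""
    for system_type, lookup in systems:
        record = lookup(ticket_number)
        if record is not None and RULES[system_type](record):
            return True   # ticket exists and is open: workflow continues
    return False          # not found, or found but not open: request denied


SYSTEMS = [("ServiceNow", SERVICENOW_TICKETS.get), ("Remedy", REMEDY_TICKETS.get)]

if __name__ == "__main__":
    for number in ("INC0010001", "INC0010002", "INC000000000101", "INC9999999"):
        print(number, ticket_allows_request(number, SYSTEMS))
```

By the rule as stated, the constructed Remedy ticket with status "Resolved" still passes, because only "Closed" and "Cancelled" are rejected.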

Ticketing pane

Navigate to Administrative Tools | Settings | External Integration | Ticketing. The Ticketing pane displays the following about the ticket systems defined.

Ticketing toolbar

Use these toolbar buttons to manage the ticketing systems defined to integrate with Safeguard for Privileged Passwords.

  • New: Add a new ticket system.
  • Delete Selected: Remove the selected ticket system from Safeguard for Privileged Passwords.
  • Refresh: Update the list of ticket systems.
  • Edit: Modify the selected ticket system configuration.

To configure Safeguard for Privileged Passwords to integrate with an external ticket system

  1. Navigate to Administrative Tools | Settings | External Integration | Ticketing.
  2. Click Add to open the Ticket System dialog.
  3. Provide the following:
    1. Name: Enter the name of your ticketing system.

    2. Type: Select the type of ticket tracking system:

      • ServiceNow: A cloud-based issue tracking system.
      • Remedy: A request-for-service problem tracking system.
    3. URL: Enter the web site address to the ticketing system.

    4. User Name: Enter an account for Safeguard for Privileged Passwords to use to access the ticketing system.

    5. Password: Enter the user account's password.

    6. Client Identifier: Enter the ServiceNow Client ID.
    7. Client Secret: Enter the ServiceNow secret key.
    8. Authentication String: Enter the authentication credential for the Remedy AR (Action Request) system server.
    9. Test Connection: Click Test Connection to verify the connection works.

Messaging settings

Safeguard for Privileged Passwords allows you to set the following notifications.

Navigate to Administrative Tools | Settings | Messaging.

Table 167: Messaging settings
Setting: Description
  • Login Notification: Where you enable a login banner that users must acknowledge before they can access Safeguard for Privileged Passwords.
  • Message of the Day: Where you set the Message of the Day which displays on the Home page.
